New SQL Injection Lab! Skillset Labs walk you through infosec tutorials, step-by-step, with over 30 hands-on penetration testing labs available for FREE! A password is the secret word or phrase that is used for the authentication process in various applications.

It is used to gain access to accounts and resources. A password protects our accounts or resources from unauthorized access. What is Password Cracking?

Password cracking is the process of guessing or recovering a password from stored locations or from data transmission system. It is used to get a password for unauthorized access or to recover a forgotten password. In penetration testing, it is used to check the security of an application. In recent years, computer programmers have been trying to create algorithms for password cracking in less time.

Most of the password cracking tools try to login with every possible combination of words. If login is successful, it means the password was found. If the password is strong enough with a combination of numbers, characters and special characters, this cracking method may take hours to weeks or months. A few password cracking tools use a dictionary that contains passwords. These tools are totally dependent on the dictionary, so success rate is lower. In the past few years, programmers have developed many password cracking tools. Every tool has its own advantages and disadvantages.

In this post, we are covering a few of the most popular password cracking tools. Brutus Brutus is one of the most popular remote online password cracking tools. It claims to be the fastest and most flexible password cracking tool. This tool is free and is only available for Windows systems. It was released back in October 2000. It supports HTTP (Basic Authentication), HTTP (HTML Form/CGI), POP3, FTP, SMB, Telnet and other types such as IMAP, NNTP, NetBus, etc.

You can also create your own authentication types. This tool also supports multi-stage authentication engines and is able to connect 60 simultaneous targets. It also has resume and load options. So, you can pause the attack process any time and then resume whenever you want to resume. This tool has not been updated for many years. Still, it can be useful for you. RainbowCrack RainbowCrack is a hash cracker tool that uses a large-scale time-memory trade off process for faster password cracking than traditional brute force tools.

Time-memory trade off is a computational process in which all plain text and hash pairs are calculated by using a selected hash algorithm. After computation, results are stored in the rainbow table. This process is very time consuming. But, once the table is ready, it can crack a password must faster than brute force tools. You also do not need to generate rainbow tablets by yourselves. Developers of RainbowCrack have also generated LM rainbow tables, NTLM rainbow tables, MD5 rainbow tables and Sha1 rainbow tables.

Like RainbowCrack, these tables are also available for free. You can download these tables and use for your password cracking processes. Download Rainbow tables here: A few paid rainbow tables are also available, which you can buy from here: This tool is available for both Windows and Linux systems. Download Rainbow crack here: 3. Wfuzz Wfuzz is another web application password cracking tool that tries to crack passwords with brute forcing.